Skills
skills/kaelzhang321/teambition-agent-toolkit/tb-search-tags/Gen Agent Trust Hub

tb-search-tags

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script bin/tb-api.mjs via the Bash tool and interpolates user-provided text from AskUserQuestion into the command arguments.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface. Ingestion points: User input from the AskUserQuestion step is used directly. Boundary markers: The keyword is interpolated without delimiters or escaping. Capability inventory: The skill uses the Bash tool for shell execution. Sanitization: No input sanitization is specified in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 03:32 AM